This is the same on RUT955. You have to specify PSK per host (or wildchar).
There is slight problem, that the init scripts have not been fully tested. I have been debugging this for last few hours.
/etc/init.d/ipsec script will generate one more entry into /etc/ipsec.secrets
PSK : "0"
Problem with this entry is , that it will match on every host, and use password "0". Solution is to edit /etc/init.d/ipsec and find:
if [ "$auth" = "psk" ]; then
echo ": PSK \"$psk_key\" " >>"$File_secrets"
echo " leftauth=$auth" >>"$File_ipsec"
echo " rightauth=$auth" >>"$File_ipsec"
remove line "echo ": PSK ..... " (or add # in front of it)
I think they moved from psk per host into global PSK list, and forgot this. (Yes Teltonika, you need more testing!)